The Naked Truth behind Android Botnet

The truth behind the Android botnet has become a bit hazy. While some deny its very existence, others lament the low level of security Google provides. It has become a flamboyant cliché: much talked about, much speculated upon and, to some extent, over-hyped.

We thought we would clear the air a little and give you some actual insight into what exactly the fuss is all about.

This stew began with Microsoft researcher Terry Zink making dubious claims that Android phones are being used as part of a botnet to send spam from Yahoo mail servers. He did, however, back his claims by laying out the evidence he gathered from his investigations (or rather, “hypothesis”). In his report, he mentioned that the received mails had “androidMobile” in the message header and “Sent from Yahoo! Mail on Android” at the bottom of the emails. These mails had reportedly been sent to millions of devices located in Chile, Indonesia, Lebanon, Oman, Philippines, Russia, Saudi Arabia, Thailand, Ukraine and Venezuela.

We term the investigation a mere hypothesis because, though Mr Zink’s investigations were concrete, his presumption that the mails originated from phones infected with Trojanized clones of legitimate apps is premature.

Google has denied the claims, saying: “The evidence we’ve examined does not support the Android botnet claim. Our analysis so far suggests that spammers are perhaps using infected computers and a fake mobile signature in order to bypass the anti-spam mechanisms on the email platform they are using. The investigation nevertheless is on.”

Some believe that this is not a botnet but a possible glitch in the Yahoo! Mail service for Android devices. Lookout Security co-founder Mr Kevin Mahaffey reaffirmed this stand, saying, “There’s no smoking gun, but my guess is that it’s not malware. It’s more likely an issue with Yahoo app.”

He has identified some “potential vulnerabilities” in the Yahoo! app for Android and has reported them to California search’s computer team. However, there is not a substantial amount of evidence to back these claims either, as Yahoo Mail for Android was updated on June 23 to v1.4.4 and we do not know whether Mr Mahaffey took that into account before drawing his conclusions.

Yahoo, on the other hand, has not responded to any of the speculation that there may be hidden threats in the Yahoo mail app for Android.

The Droid View:

If a botnet is defined as someone posting letters in your name to millions of people worldwide without your knowledge, then how would you define spam? Agreed, a botnet can be used to send spam mail, but then why is just one mail service being used? Isn’t a botnet a cluster of devices connected remotely to one server? Can that server be Yahoo? Perhaps.

However, the fact that Android OS is less secure against such malicious attacks cannot be denied. Perhaps Google should raise its security standards and get rid of the “rooting-cult”.